IP phone setup remote location

Hi all,

Not sure if this is the correct group but here is my question, we have a BCM40 here and I'm setting up 2 (or maybe 3) IP phones at a remote location.

I set up an IPSEC vpn tunnel through the firewall here to the remote location and the remote phone works. It just doesn't work well, choppy, cuts out, etc.

So does anyone know what does or does not work?

It seems to me the things that could be causing the problem are: switch here, firewall here, dsl router here, these three at the remote location or it could be the tunnel.

Anyone have any ideas on where to start trouble shooting?



Reply to
Julien Mills
Loading thread data ...

Hi Julien,

I would start with the Remote office DSL connection first. If your connections from office to office are public Internet connections that is most likely where your issue(s) begin.

By its very nature the public Internet is an uncontrolled resource. VoIP communication needs a controlled connection to be able to be a quality, reliable business communication tool. Otherwise you are at the mercy of public watering hole that has no care about what your company does for a living.

Then examine

- Remote and Main office Internet connection bandwidth shaping. If you do not control usage currently then try to do so. Prioritize the VoIP communications over the other less time and packet critical items like ftp, web etc. This may be the trick that make your DSL connection reliable enough to be useful while still being cheap (in every sense of the term) enough for your business to use.

- The Main office Internet connection. Same as above.

- The Remote office DSL router. Some DSL routers choke above a certain point or are just not reliable. read up the model you have and evaluate whether or not you really like your current equipment.

- The Remote office VPN Router. Make sure the VPN router has the horsepower for the job. Make sure the firmware and model of the router match the task.

- The Main office VPN Router. Same as the Remote. Make sure the mfr, model, and type match the task. Even more so since the Main office may have more than one VPN connection.

Better yet, if budget allows, chuck any public connection and get a private connection. No matter what you do a VPN connection across the public Internet will always be a potential thorn in you VoIP communications. Your company may even classify a private connection (either leased line or virtual circuit) as secure enough to eliminate the VPN router. Though I doubt it.


Reply to

Symptoms _tend_ to indicate dropped packets, and/or 'high jitter' issues, "somewhere" between ends.

Things 'nominally' under your control are local link speeds, and the degree of utilization of the bandwidth on each end.

Also, look at processor utilization levels on the devices that terminate the tunnel.

Another possibility is PMTUD failure. due to overly paranoid firewall rules at any point between the two locations.

If the same provider is servicing both locations, you can probably arrange for a VPN _with_ QOS prioritization of VoIP traffic.

If the locations are serviced by different providers, you're on towards 'out of luck' for constructive QOS prioritization.

Reply to
Robert Bonomi

Yes, the two locations are serviced by different providers. Hmm.

I'm wondering if it would help to get a VPN router from Nortel. Just browsing around on their website, it sounds as though it may help but I'm not sure where the bottleneck is.

Reply to
Julien Mills

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.